More in this section

Forums / General Discussions / RenewTicket - Index outside of bounds of the array

RenewTicket - Index outside of bounds of the array

10 posts, 0 answered
  1. Matt
    Matt avatar
    56 posts
    Registered:
    20 Nov 2009
    02 Dec 2010
    Link to this post
    Getting this error occasionally out of nowhere and at first I thought it was just an issue that will show up only in development, but I've seen it on our test site now.  I have to close my browser, or delete the .SFAUTH cookie to get rid of it.  Anyone else seeing this one pop up?  I'm on the latest RC build.

    Index was outside the bounds of the array.
    Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. 

    Exception Details: System.IndexOutOfRangeException: Index was outside the bounds of the array.

    Source Error: 

    An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

    Stack Trace: 

    [IndexOutOfRangeException: Index was outside the bounds of the array.]
       Telerik.Sitefinity.Security.SecurityManager.RenewTicket(FormsAuthenticationTicket oldTicket, TimeSpan newTimeout) +415
       Telerik.Sitefinity.Security.SecurityManager.BuildIdentity(HttpContextBase context) +564
       Telerik.Sitefinity.Security.SecurityManager.BuildPrincipal(HttpContextBase context) +119
       Telerik.Sitefinity.Security.SecurityManager.AuthenticateRequest(HttpContextBase context) +78
       Telerik.Sitefinity.Web.SitefinityHttpModule.Context_AuthenticateRequest(Object sender, EventArgs e) +104
       System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +80
       System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +266
  2. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    12 Sep 2017
    02 Dec 2010
    Link to this post
    Hi Matt,

    Are there any steps that we can follow to replicate this issue?

    Regards,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  3. Matt
    Matt avatar
    56 posts
    Registered:
    20 Nov 2009
    02 Dec 2010
    Link to this post
    I think we just figured it out... we were accidentally using the asp:Login control in one place, and it was probably putting a "regular" forms authentication cookie on the response, which sitefinity didn't like.  In general we're using a completely custom login form, so I don't think we'll see it anymore.  Sorry for the false alarm...
  4. Matt
    Matt avatar
    56 posts
    Registered:
    20 Nov 2009
    03 Dec 2010
    Link to this post
    So my last guess didn't end up fixing it.  Here's the latest on what I think is causing this error.  We have two different domains pointing to the same SF instance.  If I try to login to the backend under our second domain (not the original one that we have been using all along) it results in this error until I a) close the browser or b) delete the cookies.  When I finally do get in, I am unable to publish pages (failed workflow operation).

    Matt

  5. Matt
    Matt avatar
    56 posts
    Registered:
    20 Nov 2009
    03 Dec 2010
    Link to this post
    Okay so now I can make it happen every time on the original domain, so maybe nothing to do with accessing it through the second domain.  If I try to login to the backend with a user that doesn't have access to the backend, I get this error.  Sounds silly, but we're going to do this a lot by accident now that we have to track two different logins, one for the frontend and one for the backend.
  6. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    12 Sep 2017
    03 Dec 2010
    Link to this post
    Hi Matt,

    The problem is that we use FormsAuthenticationTicket.UserData property to store additional user information  which is specific for Sitefinity. In your case FormsAuthenticationTicket.UserData is an empty array and this results in the error you see. We made some changes to the code which provides some more descriptive information about the error.

    Is there any reason for not using our built-in Login controls which will not cause such a issue? I tried to replicate the issue by using the standard ASP.NET Login control with no avail. Probably there is something in the logic of your custom control that sends data to FormsAuthenticationTicket.UserData and then we read it in an inappropriately.

    Best wishes,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  7. Matt
    Matt avatar
    56 posts
    Registered:
    20 Nov 2009
    12 Dec 2010
    Link to this post
    Ivan,
    We're still seeing this error across all installations of sitefinity.
    Here is the custom code we're using to login.  I believe it is what was suggested in an earlier thread:

    var now = DateTime.UtcNow;
    var ip = SystemManager.CurrentHttpContext.Request.UserHostAddress;
    var manager = UserManager.GetManager();
    var user = manager.GetUser(username);
    user.IsLoggedIn = true;
    user.LastLoginIp = ip;
    user.LastLoginDate = now;
    user.LastActivityDate = now;
    SecurityManager.SetAuthenticationCookie(SystemManager.CurrentHttpContext.Response, "Default", user, false);
    manager.Provider.SuppressSecurityChecks = true;
    manager.SaveChanges();
    manager.Provider.SuppressSecurityChecks = false;

    Is there anything wrong with our code?  Anything we're missing?
    There were too many problems with the telerik login form to use it as is, but maybe that was cleaned up in a more recent release since we last tried it.  Regardless, I want to make sure we are using the correct approach to do a programmatic login as it's likely we'll need this at some point, such as when a user registers with the site for the first time.

    Thanks,
    Matt

  8. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    12 Sep 2017
    13 Dec 2010
    Link to this post
    Hi Matt,

    Try setting persistent parameter to true. The same code is used in our login control, so there should not be a difference if you use this code or the Login control. There are not changes to the LoginForm and LoginControl related to the authentication since the RC released on 17 th of November. There are small improvements in the form  rendering.

    Greetings,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  9. Antoine
    Antoine avatar
    45 posts
    Registered:
    13 Jul 2012
    31 Aug 2011
    Link to this post
    We ran into this issue 12 days ago.  It was happening for less then a few hours and then went away without any intervention on our part.  We have not seen it since.

    The problem occurred while using Sitefinity 4.2.1650.0.  Attached is a screen shot of the error with stack trace.  Perhaps it will prove useful in diagnosing the problem.
  10. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    12 Sep 2017
    01 Sep 2011
    Link to this post
    Hello Antoine,

    This is not the same issue except the main error. Your stack trace is different. The initial issue is related to the RenewTicket, since you get error from PermissionAttribute which is responsible for permission set to verify against the current user and allowed actions. As I see you query a page on which you have news list control. The problem could be if you have set some specific permissions to a news item for a user that does not exist or similar case. Try removing the controls from the page to narrow down the issue. Then check permissions for the problematic control and content items. You can try to set them again.

    Greetings,
    Ivan Dimitrov
    the Telerik team

    Thank you for being the most amazing .NET community! Your unfailing support is what helps us charge forward! We'd appreciate your vote for Telerik in this year's DevProConnections Awards. We are competing in mind-blowing 20 categories and every vote counts! VOTE for Telerik NOW >>

10 posts, 0 answered